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REMARKS 

In response to the Office Action mailed on March 26, 2008, Applicants 
respectfully request reconsideration. To further the prosecution of this 
Application, Applicants submit the following amendments and remarks discussing 
patentability of rejected and newly added claims. Applicants respectfully request 
that the application be passed to issue. 

Claims 1-53 were previously pending in the subject Application. Claims 
54-55 are being added by way of this amendment. No new matter was added to 
the application when amending or adding these claims. 

Applicant are appreciative of the Examiner's review of the claims and 
allowance of claims 12 and 27. Applicants respectfully request the Examiner to 
call Applicant's representative at the number below to expedite the present 
application to issuance. 

Summary of an Embodiment of the Invention 

Prior to discussion of the pending claims, Applicants would like to briefly 
discuss an illustrative embodiment of the present invention. One embodiment of 
the present invention, in contrast to conventional approaches, is directed to a 
technique for authenticating devices in a network such as a Radio Frequency 
Identification (RFID) Network between control stations and one or more 
transceivers. 

A transceiver receives transceiver configuration information including a 
network address and transceiver authentication credentials and receives an 
authentication request from the control station. The transceiver applies 
authentication processing to request information within the authentication request 
in conjunction with the transceiver authentication credentials to produce an 



U.S. Application No.: 10/786,529 Attorney Docket No.: SUN03-1 4(040486) 
-27- 

authentication response and transmits the authentication response to the control 
station to allow the control station to determine if the transceiver is authorized to 
communicate within the remote identification system. 

Rejection of Claims 

The Examiner has rejected claim 1 under 35 U.S.C. § 103(a) as being 
unpatentable over Leivo (U.S. Patent 6,782,080) in view of Reader (U.S. Patent 
Publication 2004/0054905). Applicants are appreciative of the Examiner's review 
of pending claim 1 and respectfully request further consideration. 

Applicants has amended claim 1 to include the limitation of previously 
pending claim 52 to expedite prosecution of the claims to allowance. No new 
matter has been added to the claims; thus, there is no need to perform another 
search. Amended claim 1 reads as follows: 

1 . (Currently Amended) A method for authenticating operation of a 

transceiver with a control station within a wireless remote identification 
system, the method comprising: 

receiving transceiver configuration information including a network 
address and transceiver authentication credentials for associating with the 
transceiver; 

receiving an authentication request from a control station within the 
remote identification system , wherein receiving the authentication request 
includes receiving a first data value and a second data value from the 
control station ; 

producing an authentication response for authenticating the 
transceiver by applying authentication processing to request information 
in the authentication request, the authentication processing being based 
on use of the transceiver authentication credentials associated with the 
transceive r, wherein producing the authentication response includes: 
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utilizing the first data value to identify an instruction of 
multiple instructions associated with the transceiver: 

computing an authentication response value by applying the 
identified instruction to the second data value: and 

generating the authentication response to include the 
authentication response value : and 

transmitting the authentication response to the control station to 
allow the control station to determine if the transceiver is authorized to 
communicate within the remote identification system. 

Applicant submits the following figure showing steps of the claimed 
invention recited by claim 1 . 
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As recited in claim 1, in step 1, the claimed invention recites receiving 
transceiver configuration information including a network address and transceiver 
authentication credentials. 

In step 2, the claimed invention recites receiving an authentication request 
from a control station within the remote identification system. 

In step 3, the claimed invention recites applying authentication processing 
to request information within the authentication request, the authentication 
processing being based on use of the transceiver authentication credentials to 
produce an authentication response. 

In step 4, the claimed invention recites transmitting the authentication 
response to the control station to allow the control station to determine if the 
transceiver is authorized to communicate within the remote identification system. 

The Examiner likens the claimed invention to Leivo, which includes an 
authentication server as shown below. 
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In step 1 of Leivo, the server requests a user identification and password 
from the user at the display screen. 

In step 2, the user provides an appropriate identification and password. 

In step 3, the server provides the user with a PIN code and telephone 
number B. 

In step 4, the server sends an authentication request to the authentication 
server. The authentication request includes the phone number associated with 
the user's telephone as well as the PIN code provided to the user in step 3. 

In step 5, the authentication server initiates a call to the user's telephone. 

In step 6, in response to the call from the authentication server, via the 
user's telephone, the user provides the PIN code to the authentication server. 

The office action now asserts that that a combination of Leivo, Reader, 
and Hughes discloses all of the elements of the claimed invention. Applicant 
respectfully disagrees with this assertion because none of the cited references 
teaches or suggests "receiving a first data value and a second data value from 
the control station" and "utilizing the first data value to identify an instruction of 
multiple instructions associated with the transceiver; computing an authentication 
response value by applying the identified instruction to the second data value; 
and generating the authentication response to include the authentication 
response value" as recited by the claimed invention. 

The office action cites Leivo as disclosing such limitations. Applicants 
respectfully disagree. 

Column 8, lines 32-48 of Levio reads as follows: 

An arrangement according to FIG. 3 also enables e.g. a speech-based service 
menu to be implemented e.g. for a blind or partially sighted user. Assume that the 
service device 33 is e.g. an on-line banking terminal. The user 1 inserts his or her 
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bank or credit card into the card reader of the on-line banking terminal. The on- 
line banking terminal 33 communicates with the authentication server 4 either 
directly or e.g. via a main computer of the bank. The user 1 is authenticated on the 
basis of the information read from the card and he or she may also be required to 
enter a predetermined PIN code through the user interface of the banking 
terminal. On the basis of the identification information on the card, the user 1 is 
identified as a user with impaired vision, who, instead of the usual user interface 
of the banking terminal, uses his or her mobile telephone as the user interface. 
When the banking terminal 33 detects this, it switches off its display, (emphasis 
added) 

The Examiner seems to equate information read from the card and the 
PIN code as first data value and second data of as recited by the claimed 
invention. Applicants respectfully submit that this analysis does not make sense. 
The claimed invention recites that the request from the control station includes 
the first data value and the second data value. None of the things in the above 
passage indicate inclusion of multiple data values in a request. In fact, there is 
not even a mention of a request any data values. 

Applicants do agree that Leivo discloses an authentication request 
including a first data value and a second data value. For example, Leivo at 
column 7, lines 6-25, reads as follows: 

Assume that the GSM/GPRS telephone 21 establishes a WAP connection through 
the GPRS system 22 to a web server 25 connected to the Internet 24. First, the 
web server 25 shows the user a page for a login procedure to be performed. In 
other words, the user is requested to enter a user id and a password. The user 
enters the requested information and if the server 25 accepts this information, it 
shows the user of the telephone 21a PIN code and subscriber number B which the 
user is to call for authentication. At the same time, the server 25 issues an 
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authentication request, which contains the telephone number (subscriber number 
A) of the telephone 21 and said PIN code , to an authentication server 26. Through 
a GSM network 27 (and possibly through PSTN/ISDN networks 28), the user of 
the telephone 21 makes a GSM call to subscriber number B given to the 
authentication server 26 and gives the server 29 said PIN code. The authentication 
server 26 verifies the response call from the user and informs the web server 25 of 
the confirmation, as described above. An alternative to the call made by the 
telephone 21 is that the authentication server 26 calls the telephone 21, in which 
case the user provides the PIN code, (emphasis added) 

However, the claimed invention recites a specific use of the first data 
value and second data value not taught or suggested by Leivo. For example, the 
transceiver in the claimed invention utilizes the first data value to identify an 
instruction of multiple instructions. The transceiver then computes an 
authentication response based on applying the identified instruction to the 
second data value in the received authentication request message. The 
transceiver then transmits the authentication response to the controller. 

The office action cites the abstract as disclosing these limitations. The 
abstract of Leivo reads as follows: 

A method for real-time authentication or authorization of a user (1) of a secured 
system (3) is based on using two authentication channels and an authentication 
device (4) from which the secured system can request authentication or 
authorization (6) over a secured information network connection (6, 9). One of the 
authentication channels is a telephone network (8), to which the authentication 
device (4) is connected. A user logging into the secured system (3) over the other 
channel (6) of the authentication channels must make a call to the authentication 
device over the telephone network by his or her telephone (2). The authentication 
device verifies that a call has been received from a telephone number of the user's 
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telephone, and issues a positive verification response to the secured system. Upon 
receiving a positive response, the secured system provides a requested service 
through the other channel, (emphasis added) 

Applicants respectfully submit that there is no indication whatsoever of 
utilizing a first data value in the request message to identify an instruction and, 
thereafter apply the instructions to the second data value in the message. 
Instead, the cited passage only indicates the multi-channel system for 
authentication of a user. Instead, Leivo discloses the complex authentication 
technique as discussed above. 

The claimed invention is useful over the cited prior art because it provides 
a novel way of authenticating a transceiver based on use application of 
credentials associated with the transceiver. For example, the control station 
includes multiple data values in a request message. One data value in the 
request message maps to an instruction at the transceiver that is to be applied to 
the second data value and returned to the control station (e.g., the requestor). 
The authentication response will be correct only if the transceiver knows which 
specific instruction (as specified by the first data value) should be used to apply 
to the second data value also received from the control station. 

Based on the aforementioned remarks, Applicants submit that claim 1 is 
patentably distinct and advantageous over the cited prior art, and the rejection 
should be withdrawn. Accordingly, Applicants respectfully request allowance of 
claim 1 and, by virtue of dependency, allowance of corresponding dependent 
claims 8-1 1 , 33-35, 36-51 , and 53. 

Claim 2 has been amended to include limitations of previously pending 
claim 1 . Claim 2 recites: "wherein receiving transceiver configuration information 
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including a network address and transceiver authentication credentials 
comprises: 

performing address assignment processing to receive the network 
address; receiving transceiver authentication credentials including receiving: i) a 
transceiver identification code uniquely assigned to the transceiver; and ii) a 
transceiver instruction set containing a set of authentication values and 
corresponding authentication instructions." 

For example, Applicant submits that dependent claim 2 includes additional 
distinguishing features over the cited prior art. For example, claim 2 recites that 
the transceiver receives a transceiver identification code as well as a transceiver 
instruction set containing values and corresponding authentication instructions. 
Applicant respectfully traverses the rejection set forth by the Examiner because 
the cited language does not recite such specific details associated with 
authentication. The passage does recite that he telephone can receive a call 
from the authentication server. However, this is not equivalent to the claim 
limitations of "receiving transceiver authentication credentials including receiving: 
i) a transceiver identification code uniquely assigned to the transceiver; and ii) a 
transceiver instruction set containing a set of authentication values and 
corresponding authentication instructions." Accordingly, Applicant respectfully 
request allowance of claim 2. 

By virtue of dependency with respect to claim 2, claims 3-7 and 12 should 
be in condition for allowance as well. 

Claim 16 has been amended to include limitations of previously pending 
claim 17. For similar reasons that claim 2 is allowable, claim 16 should be in 
condition for allowance as well. By virtue of dependency with respect to claim 
16, claims 17-26 should be in condition for allowance as well. 
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Claim 31 includes similar limitations as claim 1 and should be allowable 
for similar reasons. 

Claims 13, 28, and 32 should be allowable for similar reasons as 
discussed above. Claims 14-15 and 29-30 depend from respective claims 13 
and 28 and therefore, by virtue of dependency, also should be in condition for 
allowance. 

Claim 36 has been amended to include limitations of previously pending 
claim 1 . For similar reasons that claim 1 is allowable, claim 36 should be in 
condition for allowance as well. By virtue of dependency with respect to claim 
37-39 should be in condition for allowance as well. 

Note again that each of the dependent claims includes further 
distinguishing features over the cited prior art. Some of the distinguishing 
features are discussed below. 

Claim 40 

Applicant would like to further point out that claim 40 includes further 
distinguishing language over the cited prior art. For example, claim 40 depends 
from claim 1 and recites that the step of "applying" in claim 1 includes "based on 
information in the authentication request, identifying one of multiple 
authentication instructions maintained at the transceiver; and applying the 
identified one of multiple authentication instructions to i) a data value in the 
authentication request received from the control station and ii) an identification 
code associated with the transceiver to produce the authentication response." 

To reject claim 40, the Examiner recites the same passage at column 7 
lines 6 through 25, which reads as follows: 
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First, the web server 25 shows the user a page for a login procedure to be 
performed. In other words, the user is requested to enter a user id and a password. 
The user enters the requested information and if the server 25 accepts this 
information, it shows the user of the telephone 21a PIN code and subscriber 
number B which the user is to call for authentication. At the same time, the server 
25 issues an authentication request, which contains the telephone number 
(subscriber number A) of the telephone 21 and said PIN code, to an authentication 
server 26. Through a GSM network 27 (and possibly through PSTN/ISDN 
networks 28), the user of the telephone 21 makes a GSM call to subscriber 
number B given to the authentication server 26 and gives the server 29 said PIN 
code. The authentication server 26 verifies the response call from the user and 
informs the web server 25 of the confirmation, as described above. An alternative 
to the call made by the telephone 21 is that the authentication server 26 calls the 
telephone 21, in which case the user provides the PIN code. 

Merely providing a PIN code via a corresponding telephone as in Leivo is not 
equivalent nor suggestive of a step of identifying one of multiple authentication 
instructions maintained at the transceiver based on information in the 
authentication request. Moreover, Leivo does not recite applying an identified 
one of multiple authentication instructions to i) a data value in the authentication 
request received from the control station and ii) an identification code associated 
with the transceiver to produce the authentication response. In fact, there is no 
indication in Leivo that the telephone even maintains one authentication 
instruction, let alone multiple authentication instructions. It logically follows that 
the telephone in Leivo would not apply an identified authentication instruction to a 
data value in the authentication request because the instructions do not exist. 
Unlike Leivo, this aspect of the claimed invention enables a transceiver to 
produce an authentication response based on an instruction specified by the 
authentication request as well as data in the authentication request. For the 
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same reason, Applicant respectfully submits that claim 42 is in condition for 
allowance. 

Further, in addition to the limitations as discussed above, note that claim 
40 also recites applying the identified instruction to an identification code 
associated with the transceiver to produce the authentication response. Leivo 
also does not recite such a limitation. For example, Leivo only recites that the 
telephone has a corresponding phone number used to dial the user. Neither the 
telephone nor user applies one of multiple identified instructions to the phone 
number to produce the authentication response. Accordingly, Applicant 
respectfully requests allowance of claims 40 and 42. 

Claim 3 

Applicant notes that the dependent claim 3 includes additional 
distinguishing features over the cited prior art. For example, claim 3 recites that 
receiving transceiver configuration information includes periodically receiving 
transceiver authentication credentials to replace the transceiver authentication 
credentials formerly received by the transaction. Applicant respectfully traverses 
the rejection set forth by the Examiner because the cited language does not 
recite replacement of any information whatsoever. Accordingly, Applicant 
respectfully request allowance of claim 3 or request the Examiner to provide 
proper support for such a rejection. 

Claim 4 

Applicant notes that the dependent claim 4 includes additional 
distinguishing features over the cited prior art. For example, claim 4 recites 
"wherein the request information within the authentication request includes: 

i) an request authentication result; and 

ii) a request data value; 
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wherein applying authentication processing to request information 
within the authentication request in conjunction with the transceiver 
authentication credentials to produce an authentication response comprises: 

identifying an authentication instruction that matches the request 
authentication result; and 

applying the authentication instruction that matches the request 
authentication result to the request data value from the authentication 
request to produce the authentication response." 
Applicant respectfully traverses the rejection set forth by the Examiner because 
the cited language does not recite such specific details of associated with 
authentication. First, there is no indication whatsoever in Leivo that the 
authentication request sent from the authentication server to the telephone 
includes a request authentication result or a request data value. Moreover, the 
cited prior art does perform matching of an authentication instruction based on a 
request authentication result. Nor does the cited prior art involve applying the 
authentication instruction that matches the request authentication result to the 
request data value from the authentication request to produce the authentication 
response. Accordingly, Applicant respectfully request allowance of claim 4 or 
clarification of the rejection. 

Claim 5 

Applicant notes that the dependent claim 5 includes additional 
distinguishing features over the cited prior art. For example, claim 5 recites 
"wherein identifying an authentication instruction that matches the request 
authentication result comprises: 

applying an authentication function to authentication values in the set of 
authentication values within the transceiver authentication credentials to produce 
corresponding transceiver authentication results; and 

for each transceiver authentication result produced, determining if the 
transceiver authentication result matches the request authentication result for 
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that authentication value, and if the transceiver authentication result matches the 
request authentication result for that authentication value, performing the 
operation applying the authentication instruction to produce the authentication 
response." Applicant respectfully traverses the rejection set forth by the 
Examiner because the cited language does not recite such specific details of 
associated with authentication. For example, there is no indication that the Leivo 
discloses a telephone having a set of authentication values, especially ones to 
which authentication functions are applied. Moreover, Leivo does not disclose 
the last limitation of matching as in claim 5. 

Claim 8 

Contrary to the Examiner's observation, there is no discussion in the cited 
prior art regarding a repeated attempt to authenticate a transceiver upon each 
failure. Accordingly, Applicant respectfully requests allowance of claim 8. 

Claim 9 

Contrary to the Examiner's observation, there is no discussion in the cited 
prior art regarding a transceiver that receives an authentication result in a 
authentication request as well as a data value for use by the transceiver to apply 
a selected instruction. Additionally, the claim recites subsequently receiving a 
different authentication result and different data value from the control station. 
The cited prior art additionally does not disclose this limitation as well. 
Accordingly, Applicant respectfully requests allowance of claim 9. 

Claim 33 

The Examiner admits that Leivo does not disclose implementing a roll 
back function in the context of authentication as in the claimed invention. 
Contrary to the assertion made in the office action, there is also no discussion in 
Boylan that the rollback functions are used in the context of authentication as in 
the claimed invention. For example, the claimed invention recites that a request 
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data value in the authentication request indicates an amount by which to roll an 
instruction set associated with the transceiver. Boylan provides no such function. 
Thus, the claimed invention includes a limitation not recited by the prior art. 
Applicant respectfully requests allowance of claim 33. 

Claim 35 

For similar reasons as claim 33, the claimed invention includes a limitation 
not recited by the prior art. Applicant respectfully requests allowance of claim 35. 

Claim 42 

Claim 42 recites: "wherein applying authentication processing to request 
information within the authentication request in conjunction with the transceiver 
authentication credentials to produce an authentication response includes: based 
on information in the authentication request, identifying one of multiple 
authentication instructions maintained at the transceiver; and applying the 
identified one of multiple authentication instructions to a data value in the 
authentication request received from the control station to produce the 
authentication response." 

The office action asserts that Leivo discloses such functionality without 
providing a specific indication of the corresponding passages that disclose each 
respective claim limitations. Applicant respectfully submits that Leivo at cited 
passage column 7, lines 6-25 and column 7, lines 25-54 do not disclose that 
information in an authentication request is used to identify one of multiple 
authentication instructions maintained at the transceiver. Nor do the passages 
recite applying an identified one of multiple authentication instructions to a data 
value in the authentication request received from the control station to produce 
the authentication response. Accordingly, Applicant respectfully submits that the 
rejection of claim 42 is improper. 
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Claim 43 

Claim 43 recites: "wherein applying authentication processing to the 
request information includes: identifying an authentication instruction that 
matches a request authentication result received in the authentication request; 
and applying the authentication instruction that matches the request 
authentication result to a request data value in the authentication request to 
produce the authentication response." 

The office action asserts that Leivo discloses such functionality without 
providing a specific indication of the corresponding passages that disclose each 
respective claim limitations. Applicant respectfully submits that Leivo at cited 
passage column 7, lines 6-25 does not disclose identifying an authentication 
instruction that matches a request authentication result received in the 
authentication request and applying the authentication instruction that matches 
the request authentication result to a request data value in the authentication 
request to produce the authentication response. Accordingly, Applicant 
respectfully submits that the rejection of claim 42 is improper. 

New Claims 54-55 

Applicant has added claims 54-55. Support for these claims can be found 
(among other places) in Fig 1-4 and corresponding text of the application. Each 
of these claims includes further patentable distinctions over the cited prior art. By 
virtue of dependency, these claims should be in condition for allowance as well. 
Thus, Applicants respectfully requests allowance of these new claims. These 
new claims should be allowable as well by virtue of dependency. 

CONCLUSION 

In view of the foregoing remarks, Applicants submit that the pending 
claims as well as newly added claims are in condition for allowance. A Notice to 
this affect is respectfully requested. If the Examiner believes, after reviewing this 
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Response, that the pending claims are not in condition for allowance, the 
Examiner is respectfully requested to call the Applicant(s) Representative at the 
number below. 



If there is a fee occasioned by this response, including an extension fee, 
that is not covered by an enclosed check, please charge any deficiency to 
Deposit Account No. 50-3735. 



If the enclosed papers or fees are considered incomplete, the Patent 
Office is respectfully requested to contact the undersigned Attorney at 
(508) 616-9660, in Westborough, Massachusetts. 



Respectfully submitted, 



/PPK/ 

Paul P. Kriz, Esq. 

Attorney for Applicant(s) 

Registration No.: 45,752 

Chapin Intellectual Property Law, LLC 

Westborough Office Park 

1700 West Park Drive, Suite 280 

Westborough, Massachusetts 01581 

Telephone: (508)616-9660 

Facsimile: (508)616-9661 

Customer No.: 58408 
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